Whether it is adapting to a remote workforce, reducing headcount, or making other budget cuts, the Coronavirus pandemic has forced major changes to be made to protect the future of the business. Contradictory to this, eighty-two per cent of security and risk leaders do not adjust their budgets based on business or environmental impact. This in turn means that security teams are often unaligned from the rest of the business, and without solid alignment, organisations are often unprepared to respond effectively to a crisis.
With that in mind, a recent Gartner report highlighted five key action items for security leaders to optimise cost.
Action 1: Identify current position
When responding to a security crisis, any organisation must first establish its current position before progressing through the various phases of a crisis. Firstly, the respond phase focusses on business continuity and ‘keeping the lights on’, concentrating on essential business services and limiting unnecessary spend. During this phase, the organisation should focus on the technologies that deliver immediate value to the business.
The second phase is the recovery phase. During the recovery phase, attention can be turned towards more strategic cost optimisation solutions and processes that extend beyond the general day-to-day. This is where value and risk management should be weighed up against cost, demonstrating value to the business by strengthening staff skills and driving automation.
The final phase is the renewal where discussions will turn from cost-cutting to opportunities to drive innovation and open doors to provide value. This is the phase where most leaders can differentiate by scaling digital practises in preparation for a new normal.
Action 2: Arm yourself with the right data for decision making
Obtaining the right data is critical to inform business decisions. Using a combination of data from a range of sources will provide the most effective, detailed picture of the organisation, driving decisions based on efficiency and metrics, not emotion or company history. By using the best data available, proving and highlighting how security risk is making decisions becomes straightforward and helps evidence why a particular decision has been reached.
Action 3: Establish realistic budget options
By asking yourself scenario-based questions, you best prepare yourself against any potential hidden costs. During this process, both near- and short-term scenarios should be considered. For example, the recent budget cuts that have been enforced because of the Covid-19 pandemic are a prevalent example of short-term scenarios.
Action 4: Allocate resources based on business value
Now that you have a much better picture of your current security posture and have plans in place for various future scenarios, it’s now time to consider how to allocate resources to particular business units based on the potential value of each unit. In doing this, you should consider how you can balance risk, value, and cost.
Action 5) Adopt a holistic view of cost optimisation
Security managers need to adopt an integrated view of cost optimisation, considering the balance between supply and demand. The supply stems from a security contract management and cost savings. On the demand side, identifying ways in which to accelerate business outcomes and enable new digital business models.
Limiting any unnecessary costs is something that all organisations can benefit from, especially during the Covid-19 period. That is why cost optimisation is something that we are currently having a real focus on with our clients.
For a free consultation with an expert, contact us today.